Security Problem with authenticate_with_http_digest - Yeah, Rails had another security issue. It's hardly the worst one ever. I'm very amused by Hacker News trying to get the mob together with pitchforks for this one. (Full disclosure: I'm partially responsible because I passed on the original documentation to the blog entry without spotting the error. Guess I'd better go shoot myself for that.)